$ rpki-client -vvf rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/70F15C5CC5CA11EEA9DD0141C4F9AE02.roa File: 70F15C5CC5CA11EEA9DD0141C4F9AE02.roa (raw, json) Hash identifier: eigTt3Trg0Mmz7fJV2kqmCJ3wyWoOHb+0O4sij8n0rA= Subject key identifier: 9B:A3:A0:3A:E5:AE:8A:1E:AB:70:78:50:CC:96:1F:9A:75:A9:04:A8 Certificate issuer: /CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986 Certificate serial: 0EF2 Authority key identifier: C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/70F15C5CC5CA11EEA9DD0141C4F9AE02.roa Signing time: Sun 26 Apr 2026 17:21:01 +0000 ROA not before: Sun 26 Apr 2026 17:21:01 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 18230 IP address blocks: 59.152.8.0/24 maxlen: 24 59.152.9.0/24 maxlen: 24 59.152.10.0/24 maxlen: 24 59.152.11.0/24 maxlen: 24 59.152.12.0/24 maxlen: 24 59.152.13.0/24 maxlen: 24 59.152.14.0/24 maxlen: 24 2404:1b40::/32 maxlen: 32 2404:1b40::/48 maxlen: 48 2404:1b40:1::/48 maxlen: 48 2404:1b40:2::/48 maxlen: 48 2404:1b40:3::/48 maxlen: 48 2404:1b40:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:08:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3826 (0xef2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B06C, serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986 Validity Not Before: Apr 26 17:21:01 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=69ee497d-2893 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:2d:63:a7:65:c4:7d:3f:6f:bc:03:7e:98:b3: f9:e6:df:28:c2:93:27:de:02:9e:f0:56:69:ca:03: 6e:a8:b6:83:cd:64:93:09:77:7e:1c:92:db:d8:fd: 43:47:90:ef:ea:9b:28:c7:d2:ed:9f:52:5d:1f:28: f0:57:a2:2d:70:9c:c6:f2:dc:71:78:de:e0:3e:d5: 2e:70:f4:c4:df:aa:bb:4a:bf:68:cd:f8:7b:3a:d3: 3c:f8:14:53:62:c0:ab:7a:1f:17:9e:f4:cf:c6:b5: 72:1c:c7:84:e2:b7:c3:a8:03:65:7b:b5:ec:00:b6: 56:7e:b4:00:0f:4f:c1:b2:ee:fa:62:63:85:88:04: ef:83:bf:59:7a:fb:b9:f8:87:1b:9d:be:fb:fd:90: a1:87:d0:99:fd:9f:8f:d9:73:33:67:bb:bb:df:a7: 56:a2:0a:db:7b:f5:de:5d:83:97:0a:05:07:94:ed: 20:14:19:2d:98:89:08:98:ca:11:dc:5d:28:45:da: 04:58:c6:95:fc:4b:dc:be:07:4d:1d:6e:de:d0:28: cf:99:7f:2f:ee:6e:aa:a6:10:aa:3d:45:41:d0:ac: 22:05:8d:a0:74:7b:54:a1:6a:18:4e:9f:44:e7:52: 74:7a:fc:92:57:69:3d:ac:54:3d:9c:00:10:5e:0a: 03:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:A3:A0:3A:E5:AE:8A:1E:AB:70:78:50:CC:96:1F:9A:75:A9:04:A8 X509v3 Authority Key Identifier: keyid:C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/70F15C5CC5CA11EEA9DD0141C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 59.152.8.0-59.152.14.255 IPv6: 2404:1b40::/32 Signature Algorithm: sha256WithRSAEncryption 49:49:03:94:09:7f:c6:3f:6a:3f:07:6d:cb:8e:47:97:e2:41: b3:4a:3f:dc:38:83:d3:f3:d9:01:30:ac:ca:be:b6:47:cf:fa: 3a:ad:7b:fe:9b:12:8e:ed:8b:b3:53:04:67:9f:25:3d:24:2d: 99:fe:7e:73:50:29:c1:74:fe:e3:b6:18:54:12:f3:9a:63:3c: 42:c3:96:2d:7a:77:ba:1e:d1:c6:7b:5d:d3:e8:68:e0:35:e4: 2b:87:8a:44:66:19:2d:38:3b:5d:f9:bb:5b:f9:23:bf:d8:1c: ef:2c:bc:15:1f:cb:d8:5a:71:af:c6:3c:ef:72:94:fb:c7:d1: b1:b8:df:a8:f4:9e:02:07:7d:25:22:09:cc:46:27:98:43:23: 9f:c0:4a:57:34:23:ac:21:c9:2f:7f:31:12:d1:96:2f:22:e3: fb:8c:1d:ad:0d:87:4b:c2:17:61:0b:bb:b5:0e:65:2a:fe:b6: 87:3b:59:7b:2e:15:54:6b:f6:f9:db:10:49:3d:22:e1:18:90: 5b:2d:3e:8c:67:42:1c:01:d1:b3:4c:fd:d2:9d:66:b3:85:ce: 98:ee:c6:be:2a:62:d2:73:a1:b6:8c:bf:b8:b1:d0:42:88:69: 7c:94:f1:a9:68:04:a6:0a:70:d2:cd:7a:a4:4f:46:cb:ba:66: 8d:ea:a4:5a -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgICDvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUIwNkMxMTAvBgNVBAUTKEM4MzQ5M0MwMjk3Q0NCNThEMjgzNzk0NkQ2MDYzRjE0 QTdERUU5ODYwHhcNMjYwNDI2MTcyMTAxWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWVlNDk3ZC0yODkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxC1jp2XEfT9vvAN+mLP55t8owpMn3gKe8FZpygNuqLaDzWSTCXd+HJLb2P1D R5Dv6psox9Ltn1JdHyjwV6ItcJzG8txxeN7gPtUucPTE36q7Sr9ozfh7OtM8+BRT YsCreh8XnvTPxrVyHMeE4rfDqANle7XsALZWfrQAD0/Bsu76YmOFiATvg79Zevu5 +Icbnb77/ZChh9CZ/Z+P2XMzZ7u736dWogrbe/XeXYOXCgUHlO0gFBktmIkImMoR 3F0oRdoEWMaV/EvcvgdNHW7e0CjPmX8v7m6qphCqPUVB0KwiBY2gdHtUoWoYTp9E 51J0evySV2k9rFQ9nAAQXgoDoQIDAQABo4ICdzCCAnMwHQYDVR0OBBYEFJujoDrl rooeq3B4UMyWH5p1qQSoMB8GA1UdIwQYMBaAFMg0k8ApfMtY0oN5RtYGPxSn3umG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjA2Qy9FOUQ2MkU3NEZF QUUxMUU4OTEwRDRENjZDNEY5QUUwMi95RFNUd0NsOHkxalNnM2xHMWdZX0ZLZmU2 WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lEU1R3Q2w4eTFqU2czbEcxZ1lfRktmZTZZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUIwNkMvRTlENjJFNzRGRUFFMTFFODkxMEQ0RDY2QzRGOUFFMDIvNzBGMTVDNUND NUNBMTFFRUE5REQwMTQxQzRGOUFFMDIucm9hMDYGCCsGAQUFBwEHAQH/BCcwJTAU BAIAATAOMAwDBAM7mAgDBAA7mA4wDQQCAAIwBwMFACQEG0AwDQYJKoZIhvcNAQEL BQADggEBAElJA5QJf8Y/aj8HbcuOR5fiQbNKP9w4g9Pz2QEwrMq+tkfP+jqte/6b Eo7ti7NTBGefJT0kLZn+fnNQKcF0/uO2GFQS85pjPELDli16d7oe0cZ7XdPoaOA1 5CuHikRmGS04O135u1v5I7/YHO8svBUfy9haca/GPO9ylPvH0bG436j0ngIHfSUi CcxGJ5hDI5/ASlc0I6whyS9/MRLRli8i4/uMHa0Nh0vCF2ELu7UOZSr+toc7WXsu FVRr9vnbEEk9IuEYkFstPoxnQhwB0bNM/dKdZrOFzpjuxr4qYtJzobaMv7ix0EKI aXyU8aloBKYKcNLNeqRPRsu6Zo3qpFo= -----END CERTIFICATE-----Generated at Thu May 21 11:14:54 2026 by rpki-client